Bangalore: Although Shadow IT appears practical and time-saving for business units within any large or mid-size enterprise, it certainly puts the organization's overall information security at enormous risk.

Because business units can build and deploy IT solutions or systems independently, bypassing central IT architecture and governance processes, Shadow IT creates an obvious disconnect from the corporate IT security standpoint and exposes the enterprise to great risks, according to Fortinet.

And in the event of an information security incident, it is the organization's CIO and IT security team that would bear the brunt of it.

Further, the popularity and growing adoption of wireless connectivity and devices, along with the mix of consumer and enterprise applications running on those devices within enterprise networks, extends the scope of vulnerabilities and risk factors linked to Shadow IT, mainly because of the unbridled use of unapproved devices and services on the network.

According to Fortinet India & SAARC's Regional Director, Rajesh Maurya, about 90 percent of employees and guests are connecting to their network wirelessly and yet wireless APs (access points) are often less secure than the wired perimeter.

"The proliferation of devices and applications is posing serious challenges for organizations that need to ensure the protection of their entire network and guard against advanced cyber security threats. And so, it is critical that a security solution map users to devices and control access accordingly and accurately," Maurya adds.

On wireless devices and connectivity, Gartner predicts that around 33 billion endpoints will be connected by 2020, a majority of them wireless. This scenario puts the emphasis on securing not just wired devices, connections and networks but also wireless ones.

This means CIOs and IT security teams would need to rework and strengthen the enterprise's overall network security in a way that deals with all aspects, including Shadow IT and the wide range of devices that workers bring in and connect to corporate networks.

When it comes to devices in the workplace, Maurya says one often thinks of smart phones, laptops, and tablets but today's wireless endpoints comprise more than those traditional devices.

"Organizations may also deploy wireless IP cameras, location-based beacons, and other small devices which often are not capable of supporting traditional security solutions. So this means companies have more and more vulnerabilities to protect for the foreseeable future," Maurya adds.

The rise in the number of devices makes the security mechanism more complex, and this is in addition to the security gaps that arise with existing wireless gadgets like smartphones, laptops and tablets, through which users access both work-related and personal applications.

Users access applications such as contact management, games, shopping and legitimate news portals, yet they are largely unaware of the malware attacks and infections linked to those apps. This can easily put network security at risk without the user knowing it.

From an information security standpoint, CIOs and IT security teams will need to look beyond network access controls. That involves securing the flow of information through those devices as well as actively scanning for malware, blocking access to malicious websites, performing endpoint integrity checks, and controlling application usage.

Besides these security measures, protecting access points (APs) would be key to an enterprise wireless security plan that also covers securing user devices.

Today's APs need not only to support high-density environments but also to support security features like application visibility & control (AVC), wireless intrusion prevention systems (wIPS), and rogue monitoring, all without loss of performance.

According to Maurya, organizations need a fabric with deeply integrated security systems that share information across all areas, including wired, wireless, VPN and cloud environments.

"When the integration is coupled with machine learning capabilities, the system can flag abnormalities more accurately and more rapidly, and coordinate responses between different security deployments. All of this contributes to better response time for organizations in mitigating threats," Maurya concludes.